Close the socket file descriptor if connect() fails. Fixes a RESSOURCE_LEAK error (CWE-772) Signed-off-by: Jerome Marchand <jmarchan@xxxxxxxxxx> --- src/tracefs-vsock.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/tracefs-vsock.c b/src/tracefs-vsock.c index e171382..9171321 100644 --- a/src/tracefs-vsock.c +++ b/src/tracefs-vsock.c @@ -19,8 +19,10 @@ static int open_vsock(unsigned int cid, unsigned int port) if (sd < 0) return -1; - if (connect(sd, (struct sockaddr *)&addr, sizeof(addr))) + if (connect(sd, (struct sockaddr *)&addr, sizeof(addr))) { + close(sd); return -1; + } return sd; } -- 2.44.0